[Zope-dev] Re: [ZODB-Dev] ZEO signal feature
Toby Dickenson
tdickenson@geminidataloggers.com
Mon, 7 Oct 2002 14:20:03 +0100
On Monday 07 Oct 2002 1:47 pm, Guido van Rossum wrote:
> > > Well, there goes zLOG's MinimalLogger implementation.
> >
> > The module name might be 'MinimalLogger', but everywhere else it is
> > known as 'the stupid log'.
>
> And stupid it is. But it's the only one we've got in the Zope core. :-=
(
For Zope there is the zLOG and ZLogger modules, which interact in mysteri=
ous=20
ways. syslogLogger is in ZLogger. part of the mysterious plumbing is in=20
z2.py, so is not available to a ZEO server.
> > > (This only holds for log files owned by a root, right?)
> >
> > No, I dont think ownership is relevant. Any log file which the zope
> > process can overwrite it of little use in proving that your zope
> > process has not been compromised.
>
> Fair enough. But then why did you specifically refer to file
> descriptors?
It is possible for a log file to be owned by root and writeable only by r=
oot,=20
yet still be open to compromise. This can happen if the file is opened by=
=20
this process before dropping root privelidges, and never closed.